DigitalOcean Ubuntu droplet not serving port 80 - python-3.x

I have a simple Python server on a DigitalOcean Ubuntu droplet that should serve the index.html file in the /dist folder:
port = 8000
os.chdir(os.path.join(os.path.dirname(__file__), 'dist'))
Handler = http.server.SimpleHTTPRequestHandler
httpd = socketserver.TCPServer(('', port), Handler)
print('Serving at port ', port)
httpd.serve_forever()
I ran 'sudo ufw allow 80/tcp' to open the firewall and if I run ufw status it shows port 80 as being open to everybody. I ran 'sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8000' to redirect traffic from port 80 to port 8000.
If I run nmap from another box, the only open port is ssh on 22. Port 80 is filtered. Navigating to the host in my browser results in a connection timeout. What could be causing this?

It turns out I had to enable the DigitalOcean firewall and apply the correct rules, otherwise without the firewall it was just blocking ports by default.

Related

How do I access my node.js server via public IP address?

I want to get a response from a remote node.js server by typing my public IP address into my browser. When I type my public IP into my browser on my personal computer, I get "Unable to Connect". My node.js server isn't connected to the World =(
I am running CentOS on a Linode (but I don't think either choice should matter to my question).
Via Terminal on my person computer (a Mac), I can successfully SSH as root into my Linode.
I have installed node.js successfully on my Linode.
I can compile and run a simple server on my Linode.
var http = require('http');//create a server object:
http.createServer(function (req, res) {
res.write('Hello World!'); //write a response
res.end(); //end the response
}).listen(3000, function(){
console.log("server start at port 3000");
});
I've tried:
Setting a hostname.
Changing the "hosts" file on my server.
Changing the port number in my node.js server (3000, 80, 8080, 3001, 0.0.0.0, etc).
Read literally 100 articles today about how to deploy a node.js server.
Searched Google, Stackoverflow, Linode forums, etc for threads that might help me.
I have zero idea what I'm doing wrong and would be so grateful for your help.
I eventually found the answer, thanks to Saddy's suggestion that the problem might be port forwarding.
1. I decided to use ports 3080 and 3443 for my node server.
2. I SSHed into my CentOs instance.
3. I disabled the default firewall, firewalld.
4. I set up port forwarding using iptables with the following commands:
firewalld stop
firewalld disable
iptables -I INPUT 1 -p tcp --dport 80 -j ACCEPT
iptables -I INPUT 1 -p tcp --dport 443 -j ACCEPT
iptables -I INPUT 1 -p tcp --dport 25 -j ACCEPT
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3080
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 3443
iptables-save > /etc/sysconfig/iptables
After this, I was able to access my node server via a browser.

Redirect Port via iptables on AWS EC2 Ubuntu instance

I have a running AWS EC2 instance on an Ubuntu machine running a Nodejs server.
Everything works fine then opening the website via its public ip on port 3000 likes this:
http://XX.XXX.XXX.XXX:3000
Now I want to redirect all requests from port 80 to this port 3000 via iptables like described in this video: https://www.youtube.com/watch?v=WxhFq64FQzA via
sudo iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3000.
Unfortunately I am getting this error: http://prntscr.com/lja6hx when opening the site like this: http://XX.XXX.XXX.XXX (without port 3000 specified)
P.S.: I'm not really sure if my approach is correct. I am open to other ways of achieving a redirect from port 80 (http) to port 3000
As #Vorsprung suggested I should use an Application Load Balancer. I did this but it's still not working. Here is my setup:
My Application Load Balancer Listener
The Target Group I'm forwarding to in my ALB
My hosted zone (I've added the alias for the ALB here)
Please let me know if something is missing
either use nginx see https://nodebb.readthedocs.io/en/latest/configuring/proxies/nginx.html
or
you are on AWS! Use an ALB.. see https://docs.aws.amazon.com/elasticloadbalancing/latest/application/application-load-balancer-tutorials.html

Run node app with SSL on 443 port (on 80 is working)

It's my first time when I try configure a server running on Amazon EC2.
I figured out how run my node app on 80 port but now I'm trying to run on 443 port with Letsencrypt SSL. Before to work on 80 port I added
sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 3000
and
sudo iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-ports 3000
and everything worked fine. But now after install Letsencrypt I try to do same thing but with 433 port instead 80 and it's not working.
Letsencrypt config automatically for me all files so now redirect from http to https is working fine and when my iptable is empty on https:// I see ubuntu default website. When I run lines mentioned above with 443 port app is still not working (browser can't even load anything). It's only working with http:/...:3000
I've added 443 port to Security Groups on EC2.
What I can do? Thanks.
You need to check your security group Inbound/Outbound rules, you need to see if port 443 is assigned to which host. A valid but dangerous configuration, just for testing, is allow everything on Inbound and Outbound, to see if its a problem on your Security Group.
Beyond that, you need to be sure if the binding port is listening. Are you using Amazon Linux?

Having Apache httpd listen on port 80, but not started as root?

I would like to have my Apache httpd launch as non-route user (httpd) and still listen on port 80/443. This server will be running on a Linux host.
Given that the first 1024 ports are reserved, how would I go about having a reserved port handled by a non-root daemon? Alternatively, can I run my apache on a non-reserved port and have the port's traffic redirect locally to that other port?
You can use iptables for port redirecting:
# iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

How to change Port 8080 on Apache Tomcat on Linux Centos 6.5 server to the Default?

I want to remove switch from port 8080 on my Apache Tomcat on Linux server CentOS 6.5 to the default. On My hosted Apache Tomcat server is running on port 8080 on url vmx15978.hosting24.com.au:8080. After I have installed the Geoserver software on the Apache server the url for it is http://vmx15978.hosting24.com.au:8080/geoserver/web/.
My website domain is links-map.com. Currently I can access Geoserver by this URL: links-map.com:8080/geoserver/web; However, I want to access Geoserver without 8080 using this URL instead: http://links-map.com/geoserver/web/
I had the same problem. It means I need to change port number from 8080 to 80 so that I can access my url (e.g www.mydomain.com) without appending 8080. But I found a different way to solve the problem.
Instead of changing port number in server.xml. I redirected port number 80 to 8080 using the following script. This works perfectly fine for me.
[root#myroot ~]# iptables -t nat -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
[root#myroot ~]# iptables -t nat -A PREROUTING -p udp -m udp --dport 80 -j REDIRECT --to-ports 8080
Please find more at this link
taken from here
in your tomcat install dir, look for server.xml file.
change
<Connector port="8080" ...
to
<Connector port="80" ....
or any other port (80 is the default without specifying port)
don't forget to restart tomcat to apply changes
sudo service tomcat7 restart
Even after changing port 8080 to 80 we won't be able to access tomcat with it, as 80 is a privileged port, so it should be run by root,
Hence we can change Tomcat user to root as below and issue will be resolved, now we will be able to open tomcat site without 8080.
$ cat /etc/tomcat6/tomcat6.conf |grep USER
TOMCAT_USER="root"
Note: It is not recommended to run tomcat with root user.

Resources